projects / librecmc / librecmc.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from: 3c4c5d7)
wolfssl: Backport fix for CVE-2021-3336
authorHauke Mehrtens <hauke@hauke-m.de>
Mon, 8 Feb 2021 23:53:09 +0000 (00:53 +0100)
committerRISCi_ATOM <bob@bobcall.me>
Wed, 17 Feb 2021 15:11:15 +0000 (15:11 +0000)
This should fix CVE-2021-3336:
DoTls13CertificateVerify in tls13.c in wolfSSL through 4.6.0 does not
cease processing for certain anomalous peer behavior (sending an
ED22519, ED448, ECC, or RSA signature without the corresponding
certificate).

The patch is backported from the upstream wolfssl development branch.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 1f559cafe5cc1193a5962d40a2d938c66c783171)


No differences found